Posted 1254308038|%O ago by michal frackowiak
The design describes an improvement to authentication flow and membership policies.
Many people find it confusing to leave current site (e.g. foo.wikidot.com) and create account / login at www.wikidot.com, which had separate layout, design and had no references to the original site. The reason why login and registration is at www.wikidot.com is security.
With the new design, logging in and creating accounts happen without leaving the original site. Assume an anonymous user is at site foo.wikidot.com. The options are:
A pop-up window appears above the current page, without leaving it. Dialog asks for username/email and password. When entered correctly, pop-up disappears and the current page refreshes, to reflect the new state (logged in).
Login pop-up also gives an option to create a new account or recover a forgotten password.
Browsers should remember login credentials much better.
A pop-up window appears above the current page, with the form collecting all required data for a new account. After successful validation of the entered data, the dialog says "Check your mailbox" and suggests that you close the dialog.
In the confirmation email there is link a user needs to click. Also, the email references the current site and mentions that it is hosted on Wikidot. After clicking a link user is taken through a series of necessary (automatic) redirects and taken back to the current page.
Other options in the dialog are: log-in.
The new flow integrates much better with sites and should be more consistent for users, does not interrupt the users by taking them to a separate website, and should allow more branding options for the authentication process in the future.
We propose 3 membership policies for sites (instead of current 2):
Everyone can join a site (become a member), without passwords or applying. Site is visible to all users.
If a site is "open", users that click "create account" while being on the site, automatically become members.
Replaces current "public" model. Site is visible to all users, but not everyone can become a member. Membership still happens by invitation, request, or password.
Current private model is unchanged. Site is visible only to its members.
Admins can choose the model:
The join module should allow several visualization options:
It's similar to what we need for buttons (like a 'delete' action).
Portfolio
I reckon that's a great model. I'm especially impressed by the usage of a new window (as opposed to an on-page popup). This means that if a page is iframed and the user tries to login to the iframed wikidot website, a new window appears rather than a squashed popup within the iframe.
PS @ Michal — Safari aye? *nods approvingly*
Not sure what happens within iframed pages — I would be expecting some security policy problems, but I will try this in my curiosity.
Michał Frąckowiak @ Wikidot Inc.
Visit my blog at michalf.me
This would be a vast improvement on the current procedure.
Sue
Does the text in the Join module appear as a simple link, or as a button?
~ Leiger - Wikidot Community Admin - Volunteer
Wikidot: Official Documentation | Wikidot Discord server | NEW: Wikiroo, backup tool (in development)
Good question. I guess link would be more flexible since you can use it within limitations. But within the flow you should also be able to log-in or create account, so a simple link might not be sufficient.
Michał Frąckowiak @ Wikidot Inc.
Visit my blog at michalf.me
See my earlier suggestion on visualization. I'll put that into the text.
Portfolio
Since the whole module appears/disappears conditionally, even neater would be a template, i.e. a module body that would appear/disappear depending on the membership status of the reader. I've no idea how we would make buttons and links work in the template… Michal?
Portfolio
Wow! That's fantastic news, guys. Thanks a lot.
I just noted one potential problem. There doesn't seem to be an easy way for Wikidot members to join a site. It would be nice if Wikidot members which are not yet members of a given site were presented with the option "Join this site" at the page's top right corner. Non-signed in people are shown the options "create an account" and "sign in". Signed-in Wikidot members which are not site members, however, have no reminder that they are NOT a member yet until they try to perform an action that's exclusive to site members. A "join this site" link would solve that problem. Did I make myself clear?
Thanks again!
Eduardo R. Ribeiro
http://www.etnolinguistica.org
This should answer your question: http://blog.wikidot.com/design:19
Portfolio
Thanks, Pieter, for pointing that out to me. It's a beautiful design, and I look forward to its implementation.
Eduardo R. Ribeiro
http://www.etnolinguistica.org